• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.243-248
• /
• 2015

U-Healthcare is a convergence service with medical care and IT which enables to examine, manage and maintain the patient's health any time and any place. For communication conducted in U-Healthcare service, the transmission methods are used that patient's medical checkup analysis results or emergency data are transmitted to hospital server using wireless communication method. At this moment when the attacker who executes the malicious access makes DRDoS(Distributed Reflection DoS) attack to U-Healthcare devices or BS(Base Station), various damages occur that contextual information of urgent patients are not transmitted to hospital server. In order to deal with this problem, this study suggests DRDoS attack scenario and countermeasures against DRDoS and converges with Big Data which could process large amount of packets. When the attacker attacks U-Healthcare devices or BS(Base Station), DB is interconnected and the attack is prevented if it is coincident. This study analyzes the attack method that could occur in U-Healthcare devices or BS which are remote medical service and suggests countermeasures against the security threat using Big Data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.285-296
• /
• 2016

Recently, as the widespread use of Facebook through a smartphone or tablet PC, it has increased the threat that contains the malicious code to post a social attacks and comments that use personal information that has been published of Facebook. To solve these problems, Facebook is, by providing a security function, but would like to address these threats, in setting the security function, the security function of the user's convenience is not considered a properly there is a problem that is not in use. Thus, in this paper, on the basis of the information obtained via the cogTool, on Facebook security features, the user experience by presenting a method that can be quantitatively measured by this, the user convenience It classifies about Facebook security features to decrease.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.905-914
• /
• 2015

Once information security solution is implemented, it requires many services other than just general user management, such as malicious code analysis and security updated for consistent security against external threats or attacks, analysis of threat and attack, effectivity management of obtained security assurance, and advisory activities of security technical professionals. However, even if information security solutions provide those extra services, they are not properly treated in real market. Thus, for the security sustainable services, this study analyzes the service status of domestic information security, and suggest policy measure of price which could reflected the characteristics of information security solutions.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.503-510
• /
• 2005

With the increasing importance of network protection from cyber threats, it is requested to develop a multi-gigabit rate pattern matching method for protecting against malicious attacks in high-speed network. This paper devises a high-speed pattern matching algorithm with TCAM by using an m-byte jumping window pattern matching scheme. The proposed algorithm significantly reduces the number of TCAM lookups per payload by m times with the marginally enlarged TCAM size which can be implemented by cascading multiple TCAMs. Due to the reduced number of TCAM lookups, we can easily achieve multi-gigabit rate for scanning the packet payload. It is shown by simulation that for the Snort nile with 2,247 patterns, our proposed algorithm supports more than 10 Gbps rate with a 9Mbit TCAM.

• The KIPS Transactions:PartA
• /
• v.10A no.6
• /
• pp.657-664
• /
• 2003

Supporting the availability, integrity, and confidentiality of the information is crucial. The survivability storage systems require to encode and distribute data over multiple storage nodes or data base to survive failures and malicious attacks Information dispersal scheme is one of the most efficient schemes allowing high availability and security with reasonable overhead. In this paper, we propose an algorithm determining the optimal (m, n)-lDS in terms of availability, given a set of IDS's. The proposed algorithm will be very useful for designing a highly available and secure storage system since many factors such as node number, storage space, operation speed, etc. interact with each other and thereby finding an optimal information dispersal scheme is very difficult.

• Journal of Broadcast Engineering
• /
• v.6 no.1
• /
• pp.50-57
• /
• 2001

A digital watermarking is a newly developed scheme to embed invisible or inaudible information Into the host data in order to insist the copyright of the owner or the creator. This paper describes a robust data embedding scheme that employs inner product and adaptive quantization. Compared to the previous works for digital watermarking, our proposed scheme can embed relatively large amount of Information, since a secrete key Is not directly relaxed to the watermark data. A secret key is used for the design of random direction vectors. which are taken Inner product with the DCT transformed feature set data. In odder to achieve robustness against malicious attacks. we exploit the Properties of human visual system In designing the random direction vectors which behave as embedded noises. Experimental results show that we can recover the embedded information without utilizing the original host data. We also demonstrate that the ownership assertion is possible even though The watermarked data may undergo common signal processing operations, such as JPEG compression. clopping. and filtering.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.240-249
• /
• 2002

In the course of Internet proliferation, many network-related technologies are examined for possible growth and evolution. The use of Internet-based technologies in private networks has further fuelled the demand for network-based applications. The most promising among the new paradigms is use of mobile agents. The mobile agent is capable of migrating autonomously from node to node in the network, to perform some computation on behalf of the user. The mobile agent paradigm is attractive alternative to traditional client-server programming for a significant class of network-centric applications. It also however, suffers from a major drawback, namely, the potential for malicious attacks, abuse of resources pilfering of information, and other security issues. These issues are significantly hampering the acceptance of the mobile-agent paradigm. This paper describe the design & implementation of secure mobile agent gateway that split and merge the agent cede with security policy database. This mechanism will promote the security in mobile agent systems and mobile agent itself.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.115-120
• /
• 2018

As the number ofconnected cars grows, the security of the connected cars is becoming more important. There are also increasing warnings about the threat of attacks via the CAN bus used for in-vehicle networks. An attack can attack through a vulnerability in the CAN bus because the attacker can access the CAN bus remotely, or directly to the vehicle, without a security certificate on the vehicle, and send a malicious error message to the devices connected to the CAN bus. A large number of error messages put the devices into a 'Bus-Off' state, causing the device to stop functioning. There is a way to detect the error frame, or to manage the power of the devices related to the bus, but eventually the new standard for the CAN bus will be the fundamental solution to the problem. If new standards are adopted in the future, they will need to be studied.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.13 no.2
• /
• pp.169-174
• /
• 2003

The trial and success of malicious cyber attacks has been increased rapidly with spreading of Internet and the activation of a internet shopping mall and the supply of an online, or an offline internet, so it is expected to make a problem more and more. The goal of intrusion detection is to identify unauthorized use, misuse, and abuse of computer systems by both system insiders and external penetrators in real time. In fact, the general security system based on Internet couldn't cope with the attack properly, if ever. other regular systems have depended on common vaccine softwares to cope with the attack. But in this paper, we will use the positive selection and negative selection mechanism of T-cell, which is the biologically distributed autonomous system, to develop the self/nonself recognition algorithm and AIS (Artificial Immune System) that is easy to be concrete on the artificial system. For making it come true, we will apply AIS to the network environment, which is a computer security system.

• Journal of Internet Computing and Services
• /
• v.15 no.6
• /
• pp.47-54
• /
• 2014

Anti-debugging is one of the techniques implemented within the computer code to hinder attempts at reverse engineering so that attackers or analyzers will not be able to use debuggers to analyze the program. The technique has been applied to various programs and is still commonly used in order to prevent malware or malicious code attacks or to protect the programs from being analyzed. In this paper, we will suggest an automatic detection scheme for anti-debugging routines. With respect to the automatic detection, debuggers and a simulator were used by which trace information on the Application Program Interface(API) as well as executive instructions were extracted. Subsequently, the extracted instructions were examined and compared so as to detect points automatically where suspicious activity was captured as anti-debugging routines. Based on experiments to detect anti-debugging routines using such methods, 21 out of 25 anti-debugging techniques introduced in this paper appear to be able to detect anti-debugging routines properly. The technique in the paper is therefore not dependent upon a certain anti-debugging method. As such, the detection technique is expected to also be available for anti-debugging techniques that will be developed or discovered in the future.